Storing digital information in a device in a secure and tamper-proof way that is resistant to physical attack is difficult and expensive. Physical Uncloneable Functions (PUF) have been proposed as a cost-effective way of storing information in an uncloneable way. PUFs were first introduced by Pappu as a way of generating secure keys for cryptographic purposes. A PUF can be comprised of a complex physical system with many randomly distributed components. The information is contained in a cheap, randomly produced, highly complicated piece of material, and the information is read out by performing physical measurements on the PUF and performing some additional computations.
The advantage of PUFs over electronic storage lies in the following facts: 1) Since they consist of many random components, it is practically impossible to make a physical copy, 2) PUFs provide inherent tamper evidence due to their sensitivity to changes in measurement conditions, and 3) data erasure is automatic if the PUF is damaged by a probe since they will respond differently to challenges applied to them.
Since a PUF cannot be copied or modelled it is uncloneable, and hence a key which is governed by a PUF cannot be given away or be copied. This makes PUFs attractive as protective measure against attack based on copying of key material (fuel-station attack) and for Digital Rights Management (DRM) systems.
Securing Non-Volitile Memory is an important building block in the design of secure hardware, and currently there is no working solution to offer adequate protection against a high level attacker. While static memory can be secured directly by using a PUF, this is so far not possible for dynamic memory. Such memory is needed for example checksums, counters, and updatable cryptographic keys.
In the paper “Extracting Secret Keys from Integrated Circuits”, by Daihyun Lim, Massachusetts Institute of Technology, May 2004, it is presented a way of improving a PUF by introducing a degree of dynamicity. In the paper Lim describes a reconfigurable PUF, which is implemented in a physical system comprising an integrated circuit. The delay characteristic of the PUF is changed by means of shifting the threshold voltage of a floating gate transistor. The shift is caused by changing the amount of charge at the floating gate. This shift changes the transistor delay, and thus the delay characteristic of the whole PUF. This prior art kind of reconfigurability relies on the procedure of storing a different value in a programmable register, where the floating gate transistor represents the register. Unfortunately, this is not as secure as desired, since an attacker may manage to read the register value or the signal which changes the value. Then the attacker will be able to reset the value to its old state. Another possible attack is to reset the value to zero by hardware means before the PUF is first used. It is desirable to improve the reconfiguration operation in order to increase the security.